<?php
/* CONFIGURATION */
$priorities = array("Normal", "High");
$status = array("Active", "Completed", "Cancelled");
$per_page = 4;
$offset = 0;

/* BASIC AUTHENTICATION CHECK */
if (!isset($_SESSION["adminid"]) || !defined('ROOTDIR'))
{
	exit();
}

/* FUNCTIONS */
function read($tid)
{
	return mysql_num_rows(mysql_query("SELECT id FROM mod_tracker WHERE (uid='".intval($_SESSION["adminid"])."' AND tid='".$tid."' AND type='task_read');"));
}

function send_notice($adminids, $subject, $message)
{
	global $CONFIG;
	global $smtp_debug;
	
	if (!$message) 
		return false;

	$mail = new PHPMailer();
	$mail->From = $CONFIG['SystemEmailsFromEmail'];
	$mail->FromName = $CONFIG['SystemEmailsFromName'];

	$mail->Subject = $subject;
	$mail->CharSet = $CONFIG['Charset'];
	
	if ($CONFIG['MailType'] == 'mail')
	{
		$mail->Mailer = 'mail';
	}
	else
	{
		if ($CONFIG['MailType'] == 'smtp')
		{
			$mail->IsSMTP();
			$mail->Host = $CONFIG['SMTPHost'];
			$mail->Port = $CONFIG['SMTPPort'];
			$mail->Hostname = $_SERVER['SERVER_NAME'];
			if ($CONFIG['SMTPSSL'])
			{
				$mail->SMTPSecure = 'ssl';
			}

			if ($CONFIG['SMTPUsername'])
			{
				$mail->SMTPAuth = true;
				$mail->Username = $CONFIG['SMTPUsername'];
				$mail->Password = $CONFIG['SMTPPassword'];
			}

			$mail->Sender = $mail->From;
		}
	}

	if ($smtp_debug)
	{
		$mail->SMTPDebug = true;
	}

	$message_text = str_replace ('</p>', '
	', $message);
	$message_text = str_replace ('<br>', '
	', $message_text);
	$message_text = str_replace ('<br/>', '
	', $message_text);
	$message_text = str_replace ('<br />', '
	', $message_text);
	$message_text = strip_tags ($message_text);
	$mail->CharSet="utf-8";
	$mail->IsHTML(true);
	$mail->Body = $message;
	$mail->AltBody = $message_text;
	
	$emailcount = 0;
	if (count($adminids) > 1)
		$ids = implode(",", $adminids);
	else
		$ids = $adminids;
	$result = mysql_query("SELECT email, CONCAT_WS(' ', firstname, lastname) as fullname FROM tbladmins WHERE id IN (".$ids.");");
	
	while ($a = mysql_fetch_array ($result))
	{
		if ($a["email"])// && ($a["id"]!=intval($_SESSION["adminid"]))) // do not send to current admin
		{
			$mail->AddAddress($a["email"], trim($a["fullname"]));
			$mail->Body.="-".$a["id"].":".$a["email"]." ";//debug
			++$emailcount;
			continue;
		}
	}

	if (!$emailcount)
		return false;

	if (!$mail->Send())
	{
		logactivity('Admin Email Notification Sending Failed - ' . $mail->ErrorInfo . ('' . ' (Subject: ' . $subject . ')'));
	}

	$mail->ClearAddresses();
}
			
/* INITIALIZING COMMON VARIABLES */
/* check for full admin privileges */
$fadmin = 0;
if (mysql_num_rows(mysql_query("SELECT * FROM tbladmins WHERE roleid = 1 AND tbladmins.id = ". intval($_SESSION["adminid"]).";")))
	$fadmin = 1;

/* get list of admin */
$admins = array();
$admindepts = array();
$r = mysql_query("SELECT id, CONCAT_WS(' ', firstname, lastname) as fullname, mod_hrm.department as department FROM tbladmins LEFT JOIN mod_hrm ON tbladmins.id = mod_hrm.adminid WHERE mod_hrm.hidden!=1;");
while ($a = mysql_fetch_assoc($r))
{
	$admins[$a["id"]] = trim($a["fullname"]);
	$admindepts[$a["id"]] = explode(",",$a["department"]);
}

if (!isset($admins[intval($_SESSION["adminid"])]))
	exit();
	
/* get list of deparments */
$r = mysql_query("SELECT id, val FROM mod_config WHERE module='shift_manager' AND config='teams';");
$teams = array();
while ($t = mysql_fetch_assoc($r))
{
	$teams[$t["id"]]=$t["val"];
}

/* check access to a particular task 
	acl=0: access denied
	acl=1: participant . can reply
	acl=2: admin or task leader . can reply and change status */
$acl = 0;

if (isset($_REQUEST["id"]))
{
	if ($fadmin || mysql_num_rows(mysql_query("SELECT assigned FROM mod_task WHERE id='".intval($_REQUEST["id"])."' AND assigned='".intval($_SESSION["adminid"])."';")))
		$acl = 2;
	else
	{
		$r = mysql_query("SELECT aclp, aclg FROM mod_task WHERE id='".intval($_REQUEST["id"])."';");
		$a = mysql_fetch_assoc($r);
		if ($a["aclg"]=="-1")
			$acl = 1;
		else
		{
			$pd = explode(":",$a["aclg"]);
			$pp = explode(":",$a["aclp"]);
			if (in_array(intval($_SESSION["adminid"]), $pp))
				$acl = 1;
			else
			{
				foreach ($pd as $d)
				{
					if (in_array($d, $admindepts[intval($_SESSION["adminid"])]))
						$acl = 1;
				}
			}			
		}
	}	
}

/* PROCESSING POST/GET REQUEST */
if (isset($_REQUEST["op"]))
{
	if ($_REQUEST["op"]=="create")
	{
		/* input validation */
		if ((trim($_REQUEST["title"])=="") || (trim($_REQUEST["description"])==""))
			$error["create"] = "Some fields cannot be blank!";
		else if (!in_array($_REQUEST["priority"], $priorities))
			$error["create"] = "Invalid priority!";
		else if (!isset($admins[intval($_REQUEST["assignedperson"])]))
			$error["create"] = "Invalid admin ID!";
			
		if (isset($error["create"]))
		{
			$tab = 1;
		}
		else
		{
			$participantids = array(); // store participants' ids to send notice
			if ($_REQUEST["participantoption"]=="1") // log access grant to everyone
			{
				$aclp = "";
				$aclg = "-1";
				$p = "everyone";				
				foreach ($admins as $k => $n)
				{
					$participantids[] = $k;
				}
			}
			else
			{
				$pp = array(); // store participants' names to display in notice

				if (count($_REQUEST["participantperson"]))
				{
					foreach($_REQUEST["participantperson"] as $tp)
					{
						if (isset($admins[$tp]))
						{
							$participantids[] = $tp;
							$pp[] = $admins[$tp];
						}
					}
				}
				if (count($participantids))
					$aclp = ":".implode(":", $participantids).":";
				else
					$aclp = "";
				
				$aclg = "";
				if (count($_REQUEST["participantdept"]))
				{
					foreach($_REQUEST["participantdept"] as $td)
					{
						if (isset($teams[$td]))
						{
							foreach($admins as $aid => $an) 
							{
								if (!in_array($aid, $participantids) && in_array($td, $admindepts[$aid]))
								{
									$participantids[] = $aid;
								}
							}		
							$aclg .= ":".$td;
							$pp[] = $teams[$td];
						}
					}
					$aclg .= ":";
				}
				$p = implode(", ", $pp);
			}
			
			// insert task details
			mysql_query("INSERT INTO mod_task (id, title, priority, assigned, status, created, lastupdate, aclp, aclg, updatedby) VALUES ('', '".mysql_real_escape_string($_REQUEST["title"])."', '".mysql_real_escape_string($_REQUEST["priority"])."', '".intval($_REQUEST["assignedperson"])."', 'Active', NOW(), NOW(), '".$aclp."', '".$aclg."', '".intval($_SESSION["adminid"])."');");
			$tid = mysql_insert_id();
			
			// log create task action
			mysql_query("INSERT INTO mod_log (id, uid, content, timestamp, eid) VALUES ('', '".intval($_SESSION["adminid"])."', 'Created new task and assigned to ".$admins[intval($_REQUEST["assignedperson"])].".', NOW(), '".$tid."');");
			mysql_query("INSERT INTO mod_log (id, uid, content, timestamp, eid) VALUES ('', '".intval($_SESSION["adminid"])."', 'Allowed ".$p." to access this task.', NOW(), '".$tid."');");
			
			// log task description
			mysql_query("INSERT INTO mod_log (id, uid, content, timestamp, eid) VALUES ('', '".intval($_SESSION["adminid"])."', '".mysql_real_escape_string($_REQUEST["description"])."', NOW(), '".$tid."');");
			
			// notification to task leader
			if (intval($_REQUEST["assignedperson"]) != intval($_SESSION["adminid"]))
				send_notice(intval($_REQUEST["assignedperson"]), $admins[intval($_SESSION["adminid"])]." has assigned you a new task!", $admins[intval($_SESSION["adminid"])]." has assigned you the following task: ".htmlspecialchars_decode($_REQUEST["title"])."<br/><br/>".htmlspecialchars_decode($_REQUEST["description"]));
			
			// notification to task participants
			send_notice($participantids, $admins[intval($_SESSION["adminid"])]." has requested you to participate in a new task!", $admins[intval($_SESSION["adminid"])]." has requested you to participate in the following task: ".htmlspecialchars_decode($_REQUEST["title"])."<br/><br/>".htmlspecialchars_decode($_REQUEST["description"]));		

			// redirect back to task details
			header("Location:".$modulelink."&op=view&id=".$tid);
		}
	}
	
	if (($_REQUEST["op"]=="reply") && $acl)
	{
		// insert reply 
		mysql_query("INSERT INTO mod_log (id, uid, content, timestamp, eid) VALUES ('', '".intval($_SESSION["adminid"])."', '".mysql_real_escape_string($_REQUEST["reply"])."', NOW(), '".intval($_REQUEST["id"])."');");
		
		// update timestamp
		mysql_query("UPDATE mod_task SET lastupdate=NOW(), updatedby='".intval($_SESSION["adminid"])."' WHERE id='".intval($_REQUEST["id"])."';");
		
		// clear read tracker
		mysql_query("DELETE FROM mod_tracker WHERE (type='task_read' AND tid='".intval($_REQUEST["id"])."');");
		
		$participantids = array();
		$r = mysql_query("SELECT aclp, aclg, title FROM mod_task WHERE id='".intval($_REQUEST["id"])."';");
		$a = mysql_fetch_assoc($r);
		if ($a["aclg"]=="-1")
		{
			foreach ($admins as $k => $n)
			{
				$participantids[] = $k;
			}
		}	
		else
		{
			$pp = explode(":",$a["aclp"]);
			foreach($pp as $p)
			{
				if (isset($admins[$p]))
					$participantids[] = $p;
			}
			$pd = explode(":",$a["aclg"]);
			foreach($pd as $d)
			{
				if (isset($teams[$d]))
				{
					foreach($admins as $aid => $an) 
					{
						if (!in_array($aid, $participantids) && in_array($d, $admindepts[$aid]))
						{
							$participantids[] = $d;
						}
					}
				}	
			}
		}
		// notify participants
		send_notice($participantids, $admins[intval($_SESSION["adminid"])]." has updated task #".intval($_REQUEST["id"]), $admins[intval($_SESSION["adminid"])]." has updated task #".intval($_REQUEST["id"])." ".$a["title"].":<br/><br/>".htmlspecialchars_decode($_REQUEST["reply"]));
		
		// redirect back to task details
		header("Location:".$modulelink."&op=view&id=".intval($_REQUEST["id"]));
	}
	
	if (($_REQUEST["op"]=="delete") && $fadmin)
	{
		// remove task details
		mysql_query("DELETE FROM mod_task WHERE id=".intval($_REQUEST["id"]).";");
			
		// remove task replies
		mysql_query("DELETE FROM mod_log WHERE eid=".intval($_REQUEST["id"]).";");
			
		// clear tracker
		mysql_query("DELETE FROM mod_tracker WHERE (type='task_read' AND tid=".intval($_REQUEST["id"]).");");
	}
	
	if (($_REQUEST["op"]=="modify") && ($acl=="2") && (trim($_REQUEST["title"])!="") && in_array($_REQUEST["status"], $status) && in_array($_REQUEST["priority"], $priorities))
	{	
		$r = mysql_query("SELECT title, status, priority, assigned, aclp, aclg FROM mod_task WHERE id='".intval($_REQUEST["id"])."';");
		$task = mysql_fetch_assoc($r);
		$log = array();
		$q = "UPDATE mod_task SET";
		
		// change title
		if ($task["title"]!=mysql_real_escape_string($_REQUEST["title"]))
		{
			$log[] = "Changed title from <b>".$task["title"]."</b> to <b>".mysql_real_escape_string($_REQUEST["title"])."</b>";
			$q .= " title='".mysql_real_escape_string($_REQUEST["title"])."',";
		}
		
		// change status
		if ($task["status"]!=$_REQUEST["status"])
		{
			$log[] = "Changed status from <b>".$task["status"]."</b> to <b>".$_REQUEST["status"]."</b>";
			$q .= " status='".$_REQUEST["status"]."',";
		}
		
		// change priority
		if ($task["priority"]!=$_REQUEST["priority"])
		{
			$log[] = "Changed priority from <b>".$task["priority"]."</b> to <b>".$_REQUEST["priority"]."</b>";
			$q.= " priority='".$_REQUEST["priority"]."',";
		}
			
		// change task leader
		if ($task["assigned"]!=$_REQUEST["assignedperson"])
		{
			$log[] = "Changed task leader from <b>".$admins[$task["assigned"]]."</b> to <b>".$admins[intval($_REQUEST["assignedperson"])]."</b>";
			$q .= " assigned='".intval($_REQUEST["assignedperson"])."',";
		}
		
		if (isset($_REQUEST["participantoption"]) && ($_REQUEST["participantoption"]=="1")) // log access grant to everyone
		{					
				$q .= " aclp='', alcg='-1',";
				$log[] = "Allow everyone to access this task";
		}
		else // log access grant to individual
		{
				$pp = array(); // temp variable to store participants' & deparments' ids
				$pa = array(); // temp variable to store participants' & deparments' names
				$f = 0; // change flag
				foreach ($_REQUEST["participantperson"] as $p) // acl for individual
				{
					if (isset($admins[$p]) && (!in_array($p, $pp)))
					{
						$pp[] = $p;
						$pa[] = $admins[$p];
					}
				}
				if (count($pp) && ($task["aclp"]!=":".implode(":",$pp).":"))
				{
					$q .= " aclp=':".implode(":",$pp).":',";
					$f = 1;
				}
				
				$pp = array();
				foreach ($_REQUEST["participantdept"] as $d) // acl for department
				{
					if (isset($teams[$d]) && (!in_array($d, $pp)))
					{
						$pp[]=$d;			
						$pa[] = $teams[$d];
					}	
				}
				
				if (count($pp) && ($task["aclg"]!=":".implode(":",$pp).":"))
				{
					$q .= " aclg=':".implode(":",$pp).":',";
					$f = 1;
				}
				
				if (($task["aclg"]=="-1") && (!count($pp))) // reset
				{
					$q .= " aclg='',";
				}
				
				if ($f)
					$log[] = "Changed participants to ".implode(", ", $pa);
				else
					$log[] = "Removed all participants";
		}
		
		if (count($log))
		{
			// log action
			mysql_query("INSERT INTO mod_log (id, uid, content, timestamp, eid) VALUES ('', '".intval($_SESSION["adminid"])."', 'Made the following changes:<br>- ".implode("<br>- ", $log).".', NOW(), '".intval($_REQUEST["id"])."');");
			
			// change task details
			mysql_query($q." lastupdate=NOW(), updatedby='".intval($_SESSION["adminid"])."' WHERE id='".intval($_REQUEST["id"])."';");
			
			// clear read tracker
			mysql_query("DELETE FROM mod_tracker WHERE (type='task_read' AND tid='".intval($_REQUEST["id"])."');");
		}		
		header("Location:".$modulelink."&op=view&id=".intval($_REQUEST["id"]));
	}
}

?>
<!-- javascript for tab and input validation -->
<script language="javascript" type="text/javascript">
<!-- tab control -->
$(document).ready(function(){$(".tabbox").css("display","none");var selectedTab;$(".tab").click(function(){var elid=$(this).attr("id");$(".tab").removeClass("tabselected");$("#"+elid).addClass("tabselected");$(".tabbox").slideUp();if(elid!=selectedTab){selectedTab=elid;$("#"+elid+"box").slideDown();}else{selectedTab=null;$(".tab").removeClass("tabselected");}$("#tab").val(elid.substr(3));});$("#checkall").toggle(function(){$(".checkall").attr("checked","checked");},function(){$(".checkall").attr("checked","");});
<?php if (isset($tab))	echo 'selectedTab = "tab'.$tab.'";$("#tab'.$tab.'").addClass("tabselected");$("#tab'.$tab.'box").css("display","");'; ?>
});
<!-- only allow enter numeric value into a field -->
function numeric_only(e){var key;var keychar;if(window.event){key=window.event.keyCode;}else if(e){key=e.which;}else{return true;}keychar=String.fromCharCode(key);if((key==null)||(key==0)||(key==8)||(key==9)||(key==13)||(key==27)){return true;}else if((("0123456789").indexOf(keychar)>-1)){return true;}else{return false;}};
<!-- only allow select one option in the participant list -->
function changeP(){if($("#participantoption").is(':checked')){$("#participantperson").attr('disabled','disabled');$("#participantdept").attr('disabled','disabled');$(".opp").attr('disabled','disabled');$(".opp").attr('selected','');}else{$("#participantperson").attr('disabled','');$("#participantdept").attr('disabled','');$(".opp").attr('disabled','');}};
</script>

<!-- javascript for editor -->
<script language="javascript" type="text/javascript" src="editor/tiny_mce.js"></script>
<script language="javascript" type="text/javascript">
tinyMCE.init({
	mode : "textareas",
	theme : "advanced",
	relative_urls : true,
	plugins : "paste,noneditable,	table,save,advhr,advimage,advlink,iespell,insertdatetime,preview,zoom,flash,searchreplace,print,contextmenu",
	theme_advanced_buttons1_add_before : "save,separator",
	theme_advanced_buttons1_add : "fontselect,fontsizeselect",
	theme_advanced_buttons2_add : "separator,insertdate,inserttime,preview,zoom,separator,forecolor,backcolor",
	theme_advanced_buttons2_add_before: "cut,copy,paste,separator,search,replace,separator",
	theme_advanced_buttons3_add_before : "tablecontrols,separator",
	theme_advanced_buttons3_add : "iespell,flash,advhr,separator,print",
	theme_advanced_toolbar_location : "top",
	theme_advanced_toolbar_align : "left",
	theme_advanced_statusbar_location : "bottom",
	theme_advanced_resizing : true,
	apply_source_formatting : true,
	theme_advanced_resize_horizontal : true,
	force_br_newlines : true,
	force_p_newlines : false,
	forced_root_block : "",
	entities : "",
	plugin_insertdate_dateFormat : "%Y-%m-%d",
	plugin_insertdate_timeFormat : "%H:%M:%S",
	extended_valid_elements : "a[name|href|target|title|onclick],img[class|src|border=0|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name],hr[class|width|size|noshade],font[face|size|color|style],span[class|align|style]"
});
function toggleEditor(id) {
	var elm = document.getElementById(id);
	if (tinyMCE.getInstanceById(id) == null)
		tinyMCE.execCommand('mceAddControl', false, id);
	else
		tinyMCE.execCommand('mceRemoveControl', false, id);
};
</script>
<?php
/* search/create div */
if (!isset($_REQUEST["op"]) || ($_REQUEST["op"]!="view"))
{
	echo '<div id="tabs">
					<ul>
						<li id="tab0" class="tab"><a href="javascript:;">Search/Filter</a></li>
						<li id="tab1" class="tab"><a href="javascript:;">Create</a></li>
					</ul>
				</div>
				<div id="tab0box" class="tabbox">
					<div id="tab_content">
						Not yet implemented!
					</div>
				</div>
				<div id="tab1box" class="tabbox">
					<div id="tab_content">';
					
	/* create new task form */
	if (isset($error["create"]))
		echo "<div class='infobox'>".$error["create"]."</div>";

	echo '<form action="'.$modulelink.'" method="POST">
					<input type="hidden" name="op" value="create">
					<input type="hidden" name="module" value="task_manager">
					<table class="form" width="100%" border="0" cellspacing="2" cellpadding="3">
					<tr>
						<td width="15%" class="fieldlabel">Title</td>
						<td class="fieldarea"><input type="text" name="title" size="120"';

	if (isset($error["create"]))
		echo ' value="'.$_REQUEST["title"].'"';

	echo '></td>
					</tr>
					<tr>
						<td width="15%" class="fieldlabel">Priority</td>
						<td class="fieldarea"><select name="priority">';
	foreach ($priorities as $p)
	{
		echo '<option value="'.$p.'"';
		if (isset($error["create"]) && ($_REQUEST["priority"] == $p))
			echo ' selected';
		echo '>'.$p;
	}
	echo '</select></td>
					</tr>
					<tr>
						<td width="15%" class="fieldlabel" valign="top">Description</td>
						<td class="fieldarea"><textarea rows="20" name="description">';

	if (isset($error["create"]))
		echo $_REQUEST["description"];

	echo '</textarea></td>
					</tr>
					<tr>
						<td width="15%" class="fieldlabel">Task leader</td>
						<td class="fieldarea">
							<select name="assignedperson">';
	if (isset($error["create"]) && isset($admins[intval($_REQUEST["assignedperson"])]))
		$ap = intval($_REQUEST["assignedperson"]);			
	else
		$ap = intval($_SESSION["adminid"]);
	
	foreach ($admins as $i => $n)
	{
		echo '<option value="'.$i.'"';
		if ($ap==$i)
			echo ' selected';
		echo '>'.$n.'</option>';
	}
	echo '	</select>
						</td>
					</tr>
					<tr>
						<td width="15%" class="fieldlabel" valign="top">Participants</td>
						<td class="fieldarea">
							<table><tr valign="top">
							<td>
								<input type="checkbox" name="participantoption" id="participantoption" value="1"';

	$ap = 1;
	if ((isset($error["create"]) && ($_REQUEST["participantoption"]=="1")) || !isset($error["create"]))
	{
		echo ' checked';
		$ap = 0;
	}
	echo ' onclick="changeP();">Everyone
							</td>
							<td>
								<select name="participantperson[]" id="participantperson" multiple="multiple" size="5"';

	if (!$ap)
		echo ' disabled';

	echo '>';
	foreach ($admins as $i => $n)
	{
		echo '<option value="'.$i.'" class="opp"';
		if (!$ap)
			echo ' disabled';
		elseif (isset($_REQUEST["participantperson"]) && in_array($i, $_REQUEST["participantperson"]))
			echo ' selected';
		echo '>'.$n.'</option>';
	}
	echo '		</select>
							</td>
							<td>
								<select name="participantdept[]" id="participantdept" multiple="multiple" size="5"';

	if (!$ap)
		echo ' disabled';

	echo '>';
	foreach ($teams as $i => $t)
	{
		echo '<option value="'.$i.'" class="opp"';
		if (!$ap)
			echo ' disabled';
		elseif (isset($_REQUEST["participantdept"]) && in_array($i, $_REQUEST["participantdept"]))
			echo ' selected';
		echo '>'.$t.'</option>';
	}
	echo '				</select>
							</td>
						</tr>
					</table>
				</td>
			</tr>
		</table><br/>
		<div align="center"><input type="submit" value="Create" name="create" class="button" /></div>
	</form>
		</div>
	</div>
	<br/>';
}
else if (($_REQUEST["op"]=="view") && $acl)
{
	// log task as read
	mysql_query("INSERT INTO mod_tracker (id, type, uid, tid) VALUES ('', 'task_read', '".intval($_SESSION["adminid"])."', '".intval($_REQUEST["id"])."');");
	
	// load task details
	$r = mysql_query("SELECT * FROM mod_task WHERE id='".intval($_REQUEST["id"])."';");
	if (mysql_num_rows($r))
	{
		$task = mysql_fetch_assoc($r);
		echo '<h2 style="margin:0;">#'.intval($_REQUEST["id"])." ".$task["title"].'</h2>';
		echo '<br/><div id="tabs">
					<ul>
						<li id="tab0" class="tab"><a href="javascript:;">Reply</a></li>
						<li id="tab1" class="tab"><a href="javascript:;">Modify</a></li>
					</ul>
				</div>
				<div id="tab0box" class="tabbox">
					<div id="tab_content">
					<form action="'.$modulelink.'" method="POST">
					<input type="hidden" name="op" value="reply">
					<input type="hidden" name="module" value="task_manager">
					<input type="hidden" name="id" value="'.intval($_REQUEST["id"]).'">
					<table class="form" width="100%" border="0" cellspacing="2" cellpadding="3">
					<tr>
						<td class="fieldarea"><textarea rows="20" style="width:100%" name="reply"></textarea></td>
					</tr>
					</table><br/>
					<div align="center"><input type="submit" value="Save" class="button" /></div>
					</form>
					</div>
				</div>
				<div id="tab1box" class="tabbox">
					<div id="tab_content">
						<form action="'.$modulelink.'" method="POST">
							<input type="hidden" name="op" value="modify">
							<input type="hidden" name="module" value="task_manager">
							<input type="hidden" name="id" value="'.intval($_REQUEST["id"]).'">
							<table class="form" width="100%" border="0" cellspacing="2" cellpadding="3">
							<tr>
								<td width="15%" class="fieldlabel">Title</td>
								<td class="fieldarea"><input type="text" name="title" size="120" value="'.$task["title"].'" /></td>
							</tr>';
		if ($acl==2)
		{
			echo '	<tr>
								<td width="15%" class="fieldlabel">Task leader</td>
								<td class="fieldarea">
									<select name="assignedperson">';
										foreach ($admins as $i => $n)
										{
											echo '<option value="'.$i.'"';
											if ($task["assigned"]==$i)
												echo ' selected';
											echo '>'.$n.'</option>';
										}
			echo '			</select>
								</td>
							</tr>
							<tr>
								<td width="15%" class="fieldlabel" valign="top">Participants</td>
								<td class="fieldarea">
									<table><tr valign="top">
									<td>
										<input type="checkbox" name="participantoption" id="participantoption" value="1"';

			$ap = 1;
			if ($task["aclg"]=="-1")
			{
				echo ' checked';
				$ap = 0;
			}
			echo ' onclick="changeP();">Everyone
									</td>
									<td>
									<select name="participantperson[]" id="participantperson" multiple="multiple" size="5"';

			if (!$ap)
				echo ' disabled';

			echo '>';
			$tmpacl = explode(":",$task["aclp"]);
			foreach ($admins as $i => $n)
			{
				echo '<option value="'.$i.'" class="opp"';
				if (!$ap)
					echo ' disabled';
				elseif (in_array($i, $tmpacl))
					echo ' selected';
				echo '>'.$n.'</option>';
			}
			echo '			</select>
									</td>
									<td>
									<select name="participantdept[]" id="participantdept" multiple="multiple" size="5"';

			if (!$ap)
				echo ' disabled';

			echo '>';
			$tmpacl = explode(":",$task["aclg"]);
			foreach ($teams as $i => $t)
			{
				echo '<option value="'.$i.'" class="opp"';
				if (!$ap)
					echo ' disabled';
				elseif (in_array($i, $tmpacl))
					echo ' selected';
				echo '>'.$t.'</option>';
			}
			echo '	</select>
									</td>
								</tr>
								</table>
							</td>
							</tr>';
		}
		echo '		<tr>
								<td width="15%" class="fieldlabel">Priorities</td>
								<td class="fieldarea"><select name="priority">';
		foreach ($priorities as $prt)
		{
			echo '<option value="'.$prt.'" ';
			if ($prt==$task["priority"])
				echo ' selected';
			echo '>'.$prt.'</option>';
		}
		echo '</select></td>
							</tr>
							<tr>
								<td width="15%" class="fieldlabel">Status</td>
								<td class="fieldarea"><select name="status">';
		foreach ($status as $st)
		{
			echo '<option value="'.$st.'" ';
			if ($st==$task["status"])
				echo ' selected';
			echo '>'.$st.'</option>';
		}
		echo '</select></td>
							</tr>
							</table><br/>
							<div align="center"><input type="submit" value="Save Changes" class="button" /></div>
						</form>';
		
		echo '</div>
				</div><br/>';
		if ($fadmin)
			echo '<form action="'.$modulelink.'" method="POST">
						<input type="hidden" name="op" value="delete">
						<input type="hidden" name="id" value="'.intval($_REQUEST["id"]).'">
						<table width="100%"><tr><td>';
						
		echo 'Currently assigned to <b>'.$admins[$task["assigned"]].'</b> - Status <b>'.$task["status"].'</b> with priority <b>'.$task["priority"].'</b>';				
		if ($fadmin)
			echo '</td><td align="right"><input type="submit" value="Delete" class="button" /></td></tr></table>
						</form>';
		else
			echo '<br/>';
		$r = mysql_query("SELECT * FROM mod_log WHERE eid='".intval($_REQUEST["id"])."' ORDER BY id;");
		echo '<br/><table width="100%" cellpadding="5" cellspacing="1" bgcolor="#cccccc">';
		while ($t = mysql_fetch_assoc($r))
		{
			echo '<tr>
							<td rowspan="2" bgcolor="#F8F8F8" width="120" valign="top" align="left"><b>'.$admins[$t["uid"]].'</b></td>
							<td bgcolor="#F8F8F8" align="left">'.$t["timestamp"].'</td>
						</tr>
						<tr>
							<td bgcolor="#F8F8F8" align="left">'.html_entity_decode($t["content"]).'</td>
						</tr>';
		}
		echo '</table><br/>';
		
				
		if ($task["aclg"]=="-1")
			echo 'This task is accessible by everyone.';
		else 
		{
			$pp = array(); // store participants' names to display in notice
			$tmp = explode(":", $task["aclp"]);
			foreach($tmp as $tp)
			{
				if (isset($admins[$tp]))
				{
					$pp[] = $admins[$tp];
				}
			}
			$tmp = explode(":", $task["aclg"]);
			foreach($tmp as $td)
			{
				if (isset($teams[$td]))
				{
					$pp[] = $teams[$td];
				}
			}	
			echo 'Participants: '.implode(", ",$pp);
		}		
	}
}
?>